NEW FBI DATA: Americans 50+ lost $11.3 billion to fraud in 2025 — a record high — see the full report →
Situation-by-Situation Answers

Is This a Scam?

Got a suspicious call, text, or email? Select the scenario that matches what happened for a clear verdict — or learn how to check whether a phone number, website, link, or email is a scam.

✓ Verdict in plain English
✓ What to do right now
✓ Sourced from FBI & FTC

These are the most common scenarios we hear about from seniors and their families. Each guide gives you a direct verdict — not a hedge — along with exactly what to do and what the scammer is trying to accomplish.

How to Tell If Something Is a Scam

Scams come in through a phone call, a text, an email, or a website, but almost all of them share the same handful of warning signs. If you spot any of these, treat it as a scam until you've proven otherwise:

  • Urgency. You're told to act right now — your account will be closed, you'll be arrested, the deal expires in minutes.
  • A trusted name. The contact claims to be a government agency, your bank, a delivery service, a tech company, or even a relative.
  • Pressure to pay a certain way. Gift cards, wire transfers, cryptocurrency, or payment apps like Zelle, Venmo, or Cash App are favored by scammers because the money is nearly impossible to get back.
  • A request for information. Passwords, Social Security numbers, card numbers, or one-time verification codes.
  • Secrecy. You're told not to tell anyone, or not to hang up and check.

The single most reliable defense is simple: stop and verify independently. Hang up or close the message, then reach the company or agency yourself using a number or website you look up on your own — never the contact details the message gave you. Below is how to do that for a phone number, a website or link, and an email.

Is This Phone Number a Scam? How to Check

The most important thing to know: the number and name on your caller ID can be faked. Scammers use "spoofing" to make a call look like it's from your bank, a government office, or a local number. So a familiar-looking number is not proof the call is real.

Signs the call is a scam: it's unexpected, it pressures you to act immediately, it threatens you, or it asks for payment or personal information. If any of that happens, hang up. To check whether it was really your bank or an agency, call them back at the number on your statement, your card, or their official website — not the number that called you.

Be cautious with "reverse phone lookup" websites. Many are unreliable or are themselves trying to sell you something, and a number that looks "clean" can still be spoofed. A safer habit is to let calls from unknown numbers go to voicemail, and to turn on the free spam-call filtering most carriers offer. If a specific story matches one of these, we have a full breakdown: the IRS "you owe money" call, the Social Security "suspended number" call, a Medicare call, an Amazon "unauthorized charge" call, or a Microsoft tech-support call.

Is This Website or Link a Scam? How to Check

Before you click a link or trust a website, slow down and look at the web address itself:

  • Read the domain carefully. Scam sites use lookalike addresses — extra words, hyphens, or odd endings (for example, usps-trackings.com instead of usps.com). The real domain is the part right before the first single slash. If it isn't the company's plain, official address, don't trust it.
  • The padlock doesn't mean "safe." A padlock or "https" only means the connection is encrypted — scam sites have those too. It is not proof the site is legitimate.
  • Don't click links in unexpected messages. Instead, open a new tab and type the company's known address yourself, or use your own bookmark. On a computer you can hover over a link to preview where it really goes.
  • Watch for the usual tells. Prices that are too good to be true, pressure to buy now, requests to pay by gift card or wire, spelling and grammar mistakes, no real contact information, and reviews that all sound the same.

When in doubt, don't enter any information. A "scam website checker" can give a second opinion, but no tool is perfect — the safest move is always to reach the real company through a channel you found yourself.

Is This Email a Scam? How to Check

Phishing emails are designed to look official. Check these before you click or reply:

  • The sender's actual address. The display name may say "Amazon" or "Chase," but the real email address behind it is often a string of random characters or an unrelated domain. Look at the full address, not just the name.
  • A generic greeting. "Dear customer" or "Dear user" instead of your name is a common sign.
  • Urgency or threats. Claims that your account is locked, a payment failed, or you'll lose access unless you act immediately.
  • Links and attachments. Don't click them. Go to the company's website directly instead. Unexpected attachments can carry malware.
  • Requests for sensitive information. A real company won't email you to ask for your password, full card number, or a verification code.

If an email claims there's a problem with one of your accounts, don't use its links — log in to that account the way you normally do, and check for any real notices there.

What Is Phishing, Smishing, and Vishing?

These are three names for the same trick — impersonating someone you trust to steal information or money — delivered three different ways. Phishing arrives by email. Smishing arrives by text message (the word combines "SMS" and "phishing"); the fake USPS package texts and unpaid-toll texts are classic examples. Vishing is the voice version — a phone call in which a scammer poses as your bank, a government agency, or tech support. In every case the defense is the same: don't act on the message itself, and verify directly with the real organization.

Common Questions

Remember that caller ID can be faked, so a familiar-looking number isn't proof the call is real. Treat a call as a scam if it's unexpected, pressures you to act immediately, threatens you, or asks for payment or personal information. To verify, hang up and call the company or agency back using the number on your statement, card, or official website — never the number that contacted you. Letting unknown calls go to voicemail and turning on your carrier's free spam filter are the best everyday defenses.
You can, but be careful. Many "reverse phone lookup" and "free scammer number lookup" sites are unreliable or are trying to sell you a subscription, and because numbers can be spoofed, a result that looks clean doesn't prove the call was safe. Rather than trust a lookup site, judge the call by what it asked you to do: any unexpected call demanding money, gift cards, or personal information is a scam regardless of the number it came from.
Look closely at the web address: scam sites use lookalike domains with extra words, hyphens, or unusual endings instead of the company's plain official address. Don't rely on the padlock or "https" — that only means the connection is encrypted, not that the site is honest. Watch for prices that are too good to be true, pressure to buy immediately, requests to pay by gift card or wire, poor spelling, and missing contact details. When in doubt, leave the site and reach the real company through an address you look up yourself.
The safest rule is not to click links in unexpected texts or emails at all. Instead, open a new browser tab and type the company's known web address yourself, or use a bookmark. On a computer, you can hover your mouse over a link to see the real destination before clicking — if it doesn't match the company's official site, don't click it.
Check the sender's full email address, not just the display name — scammers show a trusted name while the real address is random or unrelated. Be suspicious of generic greetings, urgent threats about your account, and any request for a password, card number, or verification code. Don't click the email's links or open unexpected attachments; if it claims there's a problem with an account, log in the way you normally would and check for real notices there.
Phishing is when a scammer impersonates a company or agency you trust to trick you into giving up information or money. By email it's called phishing; by text message it's "smishing"; by phone call it's "vishing." All three rely on a trusted name plus urgency. The defense is always the same: don't act on the message itself — verify directly with the real organization using contact details you find on your own.

Sources

FBI IC3 2025 Internet Crime Report — government impersonation losses, tech support fraud, romance/investment scam totals
FTC Consumer Sentinel Network Data Book 2024 — business impersonation rankings, contact method data
SSA Office of Inspector General — Consumer Alerts — Social Security impersonation scam warnings
IRS 2026 Dirty Dozen — IRS impersonation ranked #1 threat